CVE-2025-33052

Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33052

Configurations

No configuration.

History

12 Jun 2025, 16:06

Type	Values Removed	Values Added
Summary		(es) El uso de un recurso no inicializado en la librería principal DWM de Windows permite que un atacante autorizado divulgue información localmente.

10 Jun 2025, 17:22

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-10 17:22

Updated : 2025-06-12 16:06

NVD link : CVE-2025-33052

Mitre link : CVE-2025-33052

CVE.ORG link : CVE-2025-33052

JSON object : View

Products Affected

No product.

CWE

CWE-908

Use of Uninitialized Resource

5.5 /10